US6688230B2 - Method of printing a token by a printer - Google Patents

Method of printing a token by a printer Download PDF

Info

Publication number
US6688230B2
US6688230B2 US10270322 US27032202A US6688230B2 US 6688230 B2 US6688230 B2 US 6688230B2 US 10270322 US10270322 US 10270322 US 27032202 A US27032202 A US 27032202A US 6688230 B2 US6688230 B2 US 6688230B2
Authority
US
Grant status
Grant
Patent type
Prior art keywords
printer
token
print job
job counter
method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
US10270322
Other versions
US20030084809A1 (en )
Inventor
Cheh Goh
Marco Casassa Mont
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hewlett-Packard Development Co LP
Original Assignee
Hewlett-Packard Development Co LP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Grant date

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F17/00Coin-freed apparatus for hiring articles; Coin-freed facilities or services
    • G07F17/42Coin-freed apparatus for hiring articles; Coin-freed facilities or services for ticket printing or like apparatus, e.g. apparatus for dispensing of printed paper tickets or payment cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/389Keeping log of transactions for guaranteeing non-repudiation of a transaction
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • G07F7/125Offline card verification

Abstract

A method of printing a token by printer (5), in which the printer (5) includes a digital identification device (1) configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair. The method includes the steps of sending a printer generated print job counter number and an encryption key to a token issuer (4) the token issuer (4) sending to the printer (5) a message encrypted by the encryption key, the message including the print job counter number and information representative of the token (9) to be printed and the printer (5) decrypting the encrypted message and printing the token using the information representative of the token (9) if the print job counter number is valid.

Description

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a method of printing a token by a printer.

2. Description of Related Art

When web users make a purchase of a ticket (a specific example of a token) via the internet, a physical ticket is usually made available for later use at a location where a show of possession of the ticket is needed. For example, when a user purchases a theatre ticket, the ticket may be dispatched by post to an address specified by the user, a reference number may be made available for the collection of a ticket from an agent physically or geographically nearby, upon showing some proof of identity such as a credit card, or the user may retrieve the ticket from the theatre upon showing the credit card used for purchase of the ticket which has the name of the user on it.

There are many potential inconveniences associated with these known approaches. A posted ticket may be lost in the post or delayed. When the ticket is provided to an agent, a loss of reference or an administrative error in sending the ticket to the agent can result in failure of the transaction. A ticket to be given to a third party cannot be handed over in advance of a theatre performance without going through one of the first two steps, which may fail. If to be collected at the venue, the user needs to be at the entrance of the venue early to collect pre-booked tickets and may fail to collect it through not having the correct credit card, lateness or a long queue.

The present applicant has identified a need to provide an improved approach to issuing a physical token to, for example, an internet user.

SUMMARY OF THE INVENTION

According to an embodiment of the invention, a method of printing a token by a printer includes use of a printer which includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair. The method includes the steps of sending a printer-generated print job counter number and an encryption key to a token issuer. The token issuer then sends to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed. The printer decrypts the encrypted message and prints the token using the information representative of the token if the print job counter number is valid.

The producer of the printer could be a trusted party who promises to fulfil and guarantee the requirements of both the ticket purchaser and the seller. The digital identification device could be embedded in the printer hardware as a printer identity module (PIM) unique to the printer similar to the SIM of a mobile telephone. Other means to provide the digital identification could be employed, for example a personal smart card with a personal digital certificate provided by a trusted certifying authority. The present invention is not confined to any particular approach to providing a digital identification device of the required functionality.

The encryption key may be the public key, which may be presented in the form of a digital certificate signed by the printer manufacturer. The encryption key may be a symmetric session encryption key and the method may include using the public key as an enveloping key for sending the symmetric session key to the token issuer securely.

Embodiments of the ticket printing system of the present invention will generally involve three parties. First, there is the ticket issuer who receives a payment for one or more tickets to be presented physically at a future point in time. Second, there is the purchaser who has paid for the tickets online who can print the tickets immediately for physical possession. Third, there is the venue entrance controller who will provide to the ticket holder services on presentation of the tickets. The venue entrance controller could also be the ticket issuer.

Embodiments of the invention may provide, from the token issuer's point of view, that the number of tickets printed is exactly as mandated by the issuer/server; the tickets are only printable on the printer designated by the purchaser; the printer is able to confirm to the issuer the physical completion of the printing; and no record of the mapping between the ticket and the buyer is kept. These assurances are obtainable by use of the trusted printer with the required functionality built into it in a secure, non-tamperable fashion including physical tamper-proof provision in known manner. The digital identification device may include a trusted party's digital certificate transmittable on request to the token issuer to confirm the printer has the required security.

Embodiments of the invention may provide, from the buyer's point of view, that the issuer cannot repudiate the authorisation of number of tickets for print; there are mechanisms to ensure that printer failure, ie., running out of paper or ink, jammed machine, power failure and so forth will be accounted for and the ticket will be printed as expected; the physical ticket is printed on standard office paper; and the physical ticket cannot be copied easily or quickly. For example, the printer can be arranged to generate a print fail indication which the token issuer will trust indicates the token has not been printed and that the transaction can be properly cancelled. Embodiments of the invention may provide, from the service provider's point of view, that the physical ticket can easily be identified to be genuine, no additional information (such as that in a data base), apart from that on the ticket, is needed to verify the ticket; and the physical ticket cannot be copied easily or quickly. The second of the two requirements is the same as that of the ticket buyer.

The encrypted message sent from token issuer may include information representative of the number of tokens, each according to the information representative of the token to be printed in the encrypted message, are to be printed by the printer. The printer then prints the number of tokens indicated by the information representative of the number of tokens to be printed in the encrypted message. This permits a single user to buy a number of tickets to an event in one transaction.

The encrypted message may include information representative of a replication resistant marking applicable to the token. The replication resistant marking for the token may be applied by the printer. These could be digital, printable watermarks of known type, for example.

The printer may send an acknowledgement to the token issuer that the entire printing of the token has been completed. The acknowledgement may be digitally signed using the private key of the printer. The acknowledgement may include all or part of the information representative of the token to be printed provided by the token issuer or other information by which the token issuer can confirm the tokens printed are those of that particular transaction. When the acknowledgement is verified by the token issuer a database may be updated to indicate that that token has been issued so the token issuer knows that that token should not be reissued. The messages between the printer and token issuer may be mediated by the token receiver's own computer system, for example a home computer system. The computer system may run an application program and a printer driver program. In this case the token receiver may input a command to the application indicating a printed token is desired. The application may then request the printer, via the printer driver, to provide the print job counter number and public key, the application sending the print job counter number and public key to the token issuer, and the application receiving the encrypted message from the token issuer and sending it to the printer via the printer driver. The printer and token issuer may be in communication at least in part via the internet.

The application could be a plug-in for a web browser and configured to establish and mediate communications between the token buyer's system and the token issuer's computing system, via the internet, for example.

It can be seen that, in general terms, the present invention provides a cryptographic solution to token printing, providing a secure business process which is suited also to a digital information rendering machine which is required to make one time deliveries to the subscriber.

Other aspects and advantages of the invention will become apparent from the following detailed description of exemplary embodiments taken in conjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a schematic block diagram of a first system for carrying out the method of the present invention;

FIG. 2 is a schematic block diagram of a second system for carrying out the method of the present invention;

FIG. 3 is a schematic diagram of the method steps of a first embodiment of the invention using the system of FIG. 1; and

FIG. 4 is a schematic diagram of the method steps of a second embodiment of the invention using the system of FIG. 2.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

Referring to FIGS. 1 and 2, systems suitable for carrying out the present invention includes a printer identity module (PIM) 1, a printer driver 2, an application 3 that initiates secure printing, and a ticket issuer 4. The PIM 1 is part of a printing device 5 and the driver 2 and the application 3 reside in a computer system 8. The application is optionally associated with an internet browser 6 running on the computer system 8.

The PIM 1 is a digital identification device, similar to that of the Subscriber Identity Module (SIM) card in digital mobile phones. Stored inside the PIM are cryptographic key pairs such as those widely used for encryption and digital signing. The PIM also has a counter that generates a series of distinct counter numbers each to be associated with each of a respective series of print requests.

A given counter number and the public key of the PIM will be exported to the printer driver 2 when requested by the printer driver 2.

In the process of a web-based transaction that involves the issuing of a physical token, such as a ticket to a football match or a ticket to the theatre, the conclusion of the online interaction normally ends with the payment by the ticket purchaser, without getting the physical ticket immediately. The present invention provides that the physical ticket is obtained using the printer 5 associated with the machine 8 on which the browser application 6 runs, perhaps connected indirectly via a print spooler. The printer may be directly connected and networked to the computer system 8. A networked printing scenario implies that one or more machines embodying the features of printer 5, as well as conventional printers without a PIM, are networked together. These two cases will be considered separately with reference to FIGS. 1 and 2, respectively.

In each case, upon the receipt of payment by way of a credit card, say, the ticket issuer 4 will ask the human operator 7 who purchases one or more tickets whether the tickets are to be printed immediately on a printer connected to the computer system 8 and which runs browser 6. If the human operator's reply is affirmative, then the application 3, such as a plug-in for the browser, will start the trusted printing. At this point, the communication channel between the browser 6 and the issuer 4 is assumed to remain cryptographically secure for confidentiality using any known methods such as SSL.

In the case that the browser 6 has access to a single local printer 1, as in the system of FIG. 1, the following are the steps that are taken to meet the requirements listed previously, the steps being shown in FIG. 3.

The application 3 interacts with the print driver 2, indicating that a trusted printing is to be initiated through the use of, say, a flag. As a result, the printer driver 2 sends a trusted printing notification to the printer 5. In response to the notification, the printer 5 using the PIM 1 sends (C, K) to the driver 2, where C is a newly generated counter number, which the printer 5 will keep as reference for this transaction, and K is the public key for the printer stored in the PIM 1. The driver 2 passes (C, K) to the application 3 which sends this information to the ticket issuer 4. The counter number may be provided as a digitally signed counter number.

Upon receiving (C, K), the issuer 4 uses the public key of the printer 5 to encrypt the text (C, t1), where C is the counter number issued by printer 3 and t1 is the text that represents the ticket to be printed. The public key may be used directly to encrypt the text (C, t1) or it may be used in an enveloping method, such as PKCS No.7, to encrypt a symmetric session key Ks, and in which Ks is then used for encrypting the text (C, t1), for example. In order to avoid the need for the printer to format the ticket for printing, the text could be in postscript, PSL, or raster image, for example, so that a print can be rendered directly without further processing. The avoidance of the use of the print driver ensures that the ticket content is only decrypted inside the printer so enhancing the security of the transaction.

The encrypted text, represented by K(C, t1, n, W) (where n is the number of tickets to be printed and W is watermarking data) is sent back to the application 3. Before passing the encrypted text through the driver 2 to the printer 5, the application 3 checks the management information of the printer 5 to ensure that the printer is ready to render the ticket because it has, for example, adequate toner, paper and so forth. If the printer is ready, the application 3 sends the encrypted text to the printer 5 which uses its private key K′ stored in the PIM 1 to decrypt the information.

The printer 5 first checks that the counter value kept by the printer matches C from the decrypted text. Once C is verified, the printer will print t1. If the text sent by the issuer also includes n the number of tickets to be printed, or W the watermarking information, the printer will extract the information and execute printing according to the instruction to print the desired token 9.

Upon completion of the entire ticket printing process by printer 5, an acknowledgement digitally signed by printer 5 is sent to the application 3 and forwarded to the issuer 4. The digitally signed acknowledgement could be all or part of t1 or a reference which the issuer 4 includes in the text sent to the printer 5.

Using the public key of printer 1, the issuer 4 knows for sure that ticket printing has been completed. The issuer 4 will now be able to flag a database 20 that the ticket is now valid or operational, as well as to mark the ticket as sold.

If the computer system 8 has access to several networked printers, as in the system of FIG. 2, it normally prints with the use of a printer spooler 10.

In the FIG. 4 embodiment of the invention using the system of FIG. 2, the browser 6 connects to the spooler 10 which hosts printer drivers 11A and 11B.

The spooler 10 is used to queue print jobs and enable the print jobs to be done on the selected ones of the designated printers 5, 12, 14 and 16. In this FIG. 2 embodiment, only printers 5 and 12 have their own unique PIM, respectively PIM 1 and PIM 18. They use printer driver 11B, while printers 16 and 10 use driver 11A.

When the human operator 7, who has paid for a ticket from the ticket issuer 4, wants to have the ticket printed immediately, the steps taken to meet the trusted one-time printing requirements are as follows.

The application 3 interacts with the spooler 10 to find out which associated printer is capable of trusted printing. The list of printers with this capability is displayed by the computer system 8 and the human operator 7 can select accordingly.

Suppose printer 5 is chosen. The application 3 initiates trusted printing through, for example, the use of a flag. The spooler 10 uses printer driver 11B to send a trusted printing notification to printer 5.

In response to the notification, printer 5, using the PIM 1, sends (C, K) to the driver 11B, where C is a newly generated counter number, which the printer 5 will keep as reference for this transaction, and K is the public key for the printer 5 stored in the PIM 1. From the driver 11B the spooler 10 takes (C, K) and passes it to the application 3 which will send this information back to the ticket issuer 4.

Upon receiving (C, K), the issuer 4 will use the public key of the printer 5 to encrypt (C, t1), respectively the counter and the formatted ticket text, in exactly the same way as in step 4 in the direct-connect printer case of FIG. 1.

The encrypted text, represented by K(C, t1, n, W) and which depends on the exact implementation, is sent back to the application 3. Before passing the encrypted text through the driver 2 to printer 5, the application 3 checks the management information of the printer 5 to ensure that the printer is ready to render the ticket, as in step 5 in the direct-connect printer case of FIG. 1. If printer 5 is ready, the application 3 will send the encrypted text to the spooler 10 which will pass the encrypted text on to printer 5 which uses its private key K′ stored in the PIM 1 to decrypt the information.

The printer 5 first checks that the counter value kept by the printer matches C from the decrypted text. Once C is verified, the printer will print t1. If the text sent by the issuer also includes n the number of tickets to be printed, or W the watermarking information, the printer will extract the information and execute according to the instruction.

Upon completion of the entire ticket printing process by printer 5, an acknowledgement digitally signed by printer 5 is sent to the application 3 and forwarded to the issuer 4. The digitally signed acknowledgement could be all or part of t1, or a reference which the issuer 4 includes in the text sent to the printer 5.

Using the public key of printer 5, the issuer 4 knows for certain that ticket printing has been completed. The issuer 4 will now be able to flag the database 20 that the ticket is now valid or operational, as well as to mark the ticket as sold.

The description of the process so far has focussed on printing with assurance, that is, that the information printed can only be rendered on a specific printer at the point of execution. A printed hard copy on standard office paper can, however, be replicated with the help of a photocopy machine or a scanner and the printer which may not be acceptable to token issuers in some instances.

The trusted one-time printing can involve the use of additional technology to prevent the reproduction of the specific one-time hard copy in such cases. There are several approaches using known technologies including the following.

Physical destructive marking. The printer may be constructed to include a mechanical device which allows the destruction of the paper used to print the ticket. The destruction can take the form of perforation, as found in punch cards, or other forms whereby visible holes are created. Furthermore, the placement of the perforation can be precisely calculated to yield a pattern that is specific to the event related to the ticket. A Superbowl 2000 ticket, for example, could be created with specious pattern which can be verified with the use of a scanning device.

Corrosion-based marking. The printer could have a specious cartridge that allows corrosive liquid or other substance to cause permanent damage to the paper and create a replication resistant marking.

Highly reflective semi-transparent sticky tape could be used. A special complex event logo can be printed on the ordinary paper and a fully sealed cartridge with pieces of highly reflective sticky tape will be overlaid on top. The sticky tape ensures that any attempt to remove it will tear off the even logo, while the highly reflective surface of the semi-transparent sticky tape will resist scanning and photocopying.

The foregoing description has been limited to the specific embodiments of this invention. It will be apparent however, that variations and modifications may be made to the invention, with the attainment of some or all of the advantages of the invention. Therefore, it is the object of the appended claims to cover all such variations and modifications as come within the true spirit and scope of the present invention.

Claims (29)

What is claimed is:
1. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed; and
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid.
2. The method of claim 1, in which the encrypted message sent from the token issuer includes information representative of the number of tokens to be printed by the printer, each according to the information representative of the token to be printed in the encrypted message.
3. The method of claim 2, in which the printer prints the number of tokens indicated by the information representative of the number of tokens to be printed in the encrypted message.
4. The method of claim 1 in which the encrypted message includes information representative of replication resistant marking applicable to the token.
5. The method of claim 4, in which the printer applies the replication resistant marking to the token.
6. The method of claim 1, in which the printer sends an acknowledgement to the token issuer that the entire printing of the token has been completed.
7. The method of claim 6, in which the acknowledgement is digitally signed using the private key of the printer.
8. The method of claim 6, in which the acknowledgement includes all or part of the information representative of the token to be printed provided by the token issuer.
9. The method of claim 6, in which the acknowledgement is verified by the token issuer and, if found valid, a database is updated to indicate that that token has been issued.
10. The method of claim 1 in which the sending of the messages between the printer and token issuer are mediated by a computer system connected to the printer.
11. The method of claim 10, in which the computer system runs an application and a printer driver.
12. The method of claim 11, in which the token receiver inputs a command to the application indicating a printed token is desired,
the application requests the printer, via the printer driver, to provide the print job counter number and the encryption key,
the application sends the print job counter number and the encryption key to the token issuer,
the application receives the encrypted message from the token issuer and sends it to the printer via the printer driver.
13. The method of claim 1, in which the printer and token issuer are in communication with each other at least in part via the internet.
14. The method of claim 1, in which the printer is also configured to generate data on the printer's attributes which data is sent to the token issuer in addition to the printer-generated print job counter number and the public key.
15. The method of claim 1, in which the print job counter number is digitally signed by the printer.
16. The method of claim 1, in which the encryption key is the printer public key.
17. The method of claim 1, in which the printer public key is presented in the form of a digital certificate signed by the printer manufacturer.
18. The method of claim 1, in which the encryption key is a symmetric session encryption key, the method including using the public key as an enveloping key for sending the symmetric session key to the token issuer securely.
19. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the encrypted message sent from the token issuer includes information representative of the number of tokens to be printed by the printer, each according to the information representative of the token to be printed in the encrypted message.
20. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the encrypted message includes information representative of replication resistant marking applicable to the token.
21. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the printer sends an acknowledgement to the token issuer that the entire printing of the token has been completed.
22. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid;
the printer sends an acknowledgement to the token issuer that the entire printing of the token has been completed; and
the acknowledgement is verified by the token issuer and, if found valid, a database is updated to indicate that that token has been issued.
23. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid;
the sending of the messages between the printer and token user being mediated by a computer system connected to the printer;
the computer system running an application and a printer driver, and in which
the token receiver inputs a command to the application indicating a printed token is desired,
the application requests the printer, via the printer driver, to provide the print job counter number and the encryption key,
the application sends the print job counter number and the encryption key to the token issuer, and
the application receives the encrypted message from the token issuer and sends it to the printer via the printer driver.
24. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the printer and token issuer are in communication with each other at least in part via the internet.
25. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the printer is also configured to generate data on the printer's attributes which data is sent to the token issuer in addition to the printer-generated print job counter number and public key.
26. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the print job counter number is digitally signed by the printer.
27. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the encryption key is the printer public key.
28. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the printer public key is presented in the form of a digital certificate signed by the printer manufacturer.
29. A method of printing a token by a printer, in which:
the printer includes a digital identification device configured to generate a series of distinct print job counter numbers and to provide a public key of a cryptographic public key/private key pair, the method including the steps of:
sending a printer-generated print job counter number and an encryption key to a token issuer;
the token issuer sending to the printer a message encrypted by the encryption key, the message including the print job counter number and information representative of the token to be printed;
the printer decrypting the encrypted message and printing the token using the information representative of the token if the print job counter number is valid; and
the encryption key is a symmetric session encryption key, the method including using the public key as an enveloping key for sending the symmetric session key to the token issuer securely.
US10270322 2001-10-13 2002-10-15 Method of printing a token by a printer Expired - Fee Related US6688230B2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
GB0124633 2001-10-13
GB0124633A GB2380912B (en) 2001-10-13 2001-10-13 Trusted one-time printing
GB0124633.9 2001-10-13

Publications (2)

Publication Number Publication Date
US20030084809A1 true US20030084809A1 (en) 2003-05-08
US6688230B2 true US6688230B2 (en) 2004-02-10

Family

ID=9923791

Family Applications (1)

Application Number Title Priority Date Filing Date
US10270322 Expired - Fee Related US6688230B2 (en) 2001-10-13 2002-10-15 Method of printing a token by a printer

Country Status (2)

Country Link
US (1) US6688230B2 (en)
GB (1) GB2380912B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020131593A1 (en) * 2001-03-19 2002-09-19 Parry Travis J. Public encryption of a stored print job
US20040008842A1 (en) * 2002-07-10 2004-01-15 Mike Partelow Methods and apparatus for secure document printing
US20060004672A1 (en) * 2004-06-30 2006-01-05 Xerox Corporation Prepaid billing apparatus and method for printing systems
US20060075477A1 (en) * 2004-09-30 2006-04-06 Shenoy Rajesh K Electronic device communication methods, appliance verification methods, appliance programming methods, appliances, articles of manufacture, and client electronic devices
US20060136726A1 (en) * 2004-12-17 2006-06-22 Xerox Corporation Multifunction device with secure job release
US7086792B1 (en) 2005-09-08 2006-08-08 Xerox Corporation Combining a set of images into a single document image file having a version key and a color plane associated therewith

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7519819B2 (en) * 2002-05-29 2009-04-14 Digimarc Corporatino Layered security in digital watermarking
DE10332850A1 (en) * 2003-07-18 2005-02-17 OCé PRINTING SYSTEMS GMBH Method and apparatus for printing of sensitive data

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5633932A (en) * 1995-12-19 1997-05-27 Intel Corporation Apparatus and method for preventing disclosure through user-authentication at a printing node
US6236971B1 (en) * 1994-11-23 2001-05-22 Contentguard Holdings, Inc. System for controlling the distribution and use of digital works using digital tickets
US6314521B1 (en) * 1997-11-26 2001-11-06 International Business Machines Corporation Secure configuration of a digital certificate for a printer or other network device
US20020018235A1 (en) * 2000-05-16 2002-02-14 Xerox Corporation Finishing module coordinator apparatus and method for assembler/finisher systems
US6378070B1 (en) * 1998-01-09 2002-04-23 Hewlett-Packard Company Secure printing
US6385728B1 (en) * 1997-11-26 2002-05-07 International Business Machines Corporation System, method, and program for providing will-call certificates for guaranteeing authorization for a printer to retrieve a file directly from a file server upon request from a client in a network computer system environment
US20020097407A1 (en) * 2000-05-16 2002-07-25 Xerox Corporation Production monitor controller apparatus and method for assembler/finisher systems
US20020161430A1 (en) * 1996-04-26 2002-10-31 Jang G. David Intravascular stent
US6477580B1 (en) * 1999-08-31 2002-11-05 Accenture Llp Self-described stream in a communication services patterns environment
US20020169002A1 (en) * 2001-05-02 2002-11-14 Imbrie Alyce M. Secure and accountable wireless printing system
US20030014368A1 (en) * 2001-07-09 2003-01-16 Travelers Express Inc. Systems, methods and apparatus for secure printing of negotiable instruments
US20030066878A1 (en) * 2001-10-09 2003-04-10 Mahoney Terry P. Printed card to control printer
US20030115144A1 (en) * 1994-11-23 2003-06-19 Stefik Mark J. Digital work structure

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5598477A (en) * 1994-11-22 1997-01-28 Pitney Bowes Inc. Apparatus and method for issuing and validating tickets
US5884277A (en) * 1995-05-01 1999-03-16 Vinod Khosla Process for issuing coupons for goods or services to purchasers at non-secure terminals
US6223166B1 (en) * 1997-11-26 2001-04-24 International Business Machines Corporation Cryptographic encoded ticket issuing and collection system for remote purchasers
JP2003501712A (en) * 1999-06-01 2003-01-14 ザ・リージェンツ・オブ・ザ・ユニバーシティ・オブ・カリフォルニア Delivery and inspection systems and methods of the digital ticket
GB0022614D0 (en) * 1999-09-17 2000-11-01 Ibm Method and system for remote printing of duplication-resistant documents

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030115144A1 (en) * 1994-11-23 2003-06-19 Stefik Mark J. Digital work structure
US6236971B1 (en) * 1994-11-23 2001-05-22 Contentguard Holdings, Inc. System for controlling the distribution and use of digital works using digital tickets
US5633932A (en) * 1995-12-19 1997-05-27 Intel Corporation Apparatus and method for preventing disclosure through user-authentication at a printing node
US20020161430A1 (en) * 1996-04-26 2002-10-31 Jang G. David Intravascular stent
US6385728B1 (en) * 1997-11-26 2002-05-07 International Business Machines Corporation System, method, and program for providing will-call certificates for guaranteeing authorization for a printer to retrieve a file directly from a file server upon request from a client in a network computer system environment
US6314521B1 (en) * 1997-11-26 2001-11-06 International Business Machines Corporation Secure configuration of a digital certificate for a printer or other network device
US6378070B1 (en) * 1998-01-09 2002-04-23 Hewlett-Packard Company Secure printing
US6477580B1 (en) * 1999-08-31 2002-11-05 Accenture Llp Self-described stream in a communication services patterns environment
US20020018235A1 (en) * 2000-05-16 2002-02-14 Xerox Corporation Finishing module coordinator apparatus and method for assembler/finisher systems
US20020097407A1 (en) * 2000-05-16 2002-07-25 Xerox Corporation Production monitor controller apparatus and method for assembler/finisher systems
US20020169002A1 (en) * 2001-05-02 2002-11-14 Imbrie Alyce M. Secure and accountable wireless printing system
US20030014368A1 (en) * 2001-07-09 2003-01-16 Travelers Express Inc. Systems, methods and apparatus for secure printing of negotiable instruments
US20030066878A1 (en) * 2001-10-09 2003-04-10 Mahoney Terry P. Printed card to control printer

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7103182B2 (en) * 2001-03-19 2006-09-05 Hewlett-Packard Development Company, L.P. Public encryption of a stored print job
US20020131593A1 (en) * 2001-03-19 2002-09-19 Parry Travis J. Public encryption of a stored print job
US20100023769A1 (en) * 2002-07-10 2010-01-28 Mike Partelow Methods and apparatus for secure document printing
US20100023770A1 (en) * 2002-07-10 2010-01-28 Mike Partelow Methods and apparatus for secure document printing
US7831830B2 (en) 2002-07-10 2010-11-09 Electronics For Imaging, Inc. Methods and apparatus for secure document printing
US20040008842A1 (en) * 2002-07-10 2004-01-15 Mike Partelow Methods and apparatus for secure document printing
US7296157B2 (en) * 2002-07-10 2007-11-13 Electronics For Imaging, Inc. Methods and apparatus for secure document printing
US7849316B2 (en) 2002-07-10 2010-12-07 Electronics For Imaging, Inc. Methods and apparatus for secure document printing
US20060004672A1 (en) * 2004-06-30 2006-01-05 Xerox Corporation Prepaid billing apparatus and method for printing systems
US20060075477A1 (en) * 2004-09-30 2006-04-06 Shenoy Rajesh K Electronic device communication methods, appliance verification methods, appliance programming methods, appliances, articles of manufacture, and client electronic devices
US7562223B2 (en) 2004-12-17 2009-07-14 Xerox Corporation Multifunction device with secure job release
US20060136726A1 (en) * 2004-12-17 2006-06-22 Xerox Corporation Multifunction device with secure job release
US7086792B1 (en) 2005-09-08 2006-08-08 Xerox Corporation Combining a set of images into a single document image file having a version key and a color plane associated therewith

Also Published As

Publication number Publication date Type
GB2380912A (en) 2003-04-16 application
GB0124633D0 (en) 2001-12-05 grant
US20030084809A1 (en) 2003-05-08 application
GB2380912B (en) 2004-09-01 grant

Similar Documents

Publication Publication Date Title
US6990585B2 (en) Digital signature system, digital signature method, digital signature mediation method, digital signature mediation system, information terminal and storage medium
Choudhury et al. Copyright protection for electronic publishing over computer networks
US6671804B1 (en) Method and apparatus for supporting authorities in a public key infrastructure
US4853961A (en) Reliable document authentication system
US5949879A (en) Auditable security system for the generation of cryptographically protected digital data
US6002772A (en) Data management system
US6282523B1 (en) Method and apparatus for processing checks to reserve funds
US6450403B1 (en) Method and apparatus for depositing ordinary checks from home or office
US7028180B1 (en) System and method for usage of a role certificate in encryption and as a seal, digital stamp, and signature
US6516996B1 (en) Electronic payment system
US6430688B1 (en) Architecture for web-based on-line-off-line digital certificate authority
US7299502B2 (en) System and method for providing customized secure access to shared documents
US6314521B1 (en) Secure configuration of a digital certificate for a printer or other network device
US20030182475A1 (en) Digital rights management printing system
US20020094090A1 (en) Information recording medium, information processing apparatus and method, program recording medium, and information processing system
US20020065786A1 (en) Method and apparatus for depositing paper checks from home or office
US5784461A (en) Security system for controlling access to images and image related services
US20020059238A1 (en) Data management system
US20030093695A1 (en) Secure handling of stored-value data objects
US20020112160A2 (en) Three Party Account Authority Digital Signature (AADS) System
US20020013899A1 (en) Automated document distribution and transaction verification
US6892300B2 (en) Secure communication system and method of operation for conducting electronic commerce using remote vault agents interacting with a vault controller
US7337332B2 (en) Transferring electronic content
US20030063744A1 (en) Systems and methods for printing documents containing electronic signatures
US6301660B1 (en) Computer system for protecting a file and a method for protecting a file

Legal Events

Date Code Title Description
AS Assignment

Owner name: HEWLETT-PACKARD COMPANY, COLORADO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HEWLETT-PACKARD LIMITED;REEL/FRAME:013655/0312

Effective date: 20030113

AS Assignment

Owner name: HEWLETT-PACKARD DEVELOPMENT COMPANY L.P., TEXAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HEWLETT-PACKARD COMPANY;REEL/FRAME:014061/0492

Effective date: 20030926

Owner name: HEWLETT-PACKARD DEVELOPMENT COMPANY L.P.,TEXAS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HEWLETT-PACKARD COMPANY;REEL/FRAME:014061/0492

Effective date: 20030926

FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

REMI Maintenance fee reminder mailed
LAPS Lapse for failure to pay maintenance fees
FP Expired due to failure to pay maintenance fee

Effective date: 20160210